Presentation was from Harsimran but due to last minute commitments, Amit has to deliver it. In this descriptive session, Amit explained various automation techniques covering pefile, pydbg, IDAPython scripts. He also showed demo of ExeScan and Malpimp tools.

Similar posts

Computer Security Tips: Stay Safe Onl...
—
In recent times cyber security has raised the level of awareness and public consciousness as never before. Both large corporations and big organizations try to take care of online security as much as they can. That’s why cyber criminals and hackers have focused more on smaller companies and single entrepreneurs. This awful tendency leads to [...]

Code Injection and API Hooking Techni...
—
Hooking covers a range of techniques used for many purposes like debugging, monitoring, intercepting messages, extending functionality etc. Hooking is also used by a lot of rootkits to camouflage themselves on the system. Rootkits use various hooking techniques when they have to hide a process, hide a network port, redirect file writes to some different [...]

Advanced Malware Analysis Training Se...
—
Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 2) Dissecting the HeartBeat RAT Functionalities This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012. In this extended session, I explained “Decrypting various Communications Of HeartBeat [...]

Advanced Malware Analysis Training Se...
—
Here is the quick update on this month’s Local Security meet (SX/Null/G4H/owasp) and our advanced malware training session on (Part 1) Reversing & Decrypting Communications of HeartBeat RAT This is part of our FREE ‘Advanced Malware Analysis Training’ series started from Dec 2012. In this extended session, I explained “Decrypting The [...]

Detailed Overview and Internals of PE...
—
A win32 portable executable(PE) file consists of: DOS Header, PE Header, Section Table, Sections. Analyzing a PE file gives us a lot of information like the address in memory where the file will be located (ImageBase), address of entry point, imported and exported functions, packed or unpacked etc. Thus this static analysis can indicate whether [...]